[Samba] Slow, Incorrect Group Resolution through Winbind
sonicsmith at gmail.com
Wed Sep 13 15:18:59 UTC 2017
On Wed, Sep 13, 2017 at 10:48 AM, Rich Otero via samba
<samba at lists.samba.org> wrote:
> server max protocol = SMB2_22
> max protocol = SMB2_22
> protocol = SMB2_22
The 3 lines above all mean the same thing, the last 2 are synonyms of the first.
Taking a peek at "man smb.conf" is a good place to start.
> idmap uid = 16777216-33554431
> idmap gid = 16777216-33554431
The above 2 lines should be dropped.
> idmap config * : range = 16777216-33554431
> idmap config * : backend = tdb
Should be more like:
idmap config STUDENTS : range = 16777216-33554431
idmap config STUDENTS : backend = tdb
...plus something like:
idmap config * : range = 10000-20000
idmap config * : backend = tdb
... using a different range than configured for STUDENTS.
Again "man smb.conf" is your friend.
> I know that we are using some deprecated options, but this configuration
> typically works well for us.
Apparently not :-)
> Besides the logging options, allow me to explain the other two: I set
> "password server" to restrict Winbind from contacting DCs that it can't
> actually reach.
Not really sure that the "password server" parameter has any affect on
winbind, think it's just an smbd directive.
More information about the samba